WO2021179815A1 - Encrypted communication method and apparatus, and electronic device and computer-readable storage medium - Google Patents

Publication number
WO2021179815A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
processor
key
ciphertext
bluetooth
Prior art date
Application number
PCT/CN2021/073732
Other languages
French (fr)
Chinese (zh)
Inventor
郭桦
Original Assignee
Oppo广东移动通信有限公司
Priority date
Filing date
Publication date
Application filed by Oppo广东移动通信有限公司
Priority to EP21768350.7A (EP4117327A4)
Publication of WO2021179815A1
Priority to US17/886,246 (US20220382886A1)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/42 User authentication using separate channels for security data
    • G06F21/43 User authentication using separate channels for security data wireless channels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/047 Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/047 Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
    • H04W12/0471 Key exchange
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/107 License processing; Key processing
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115 Third party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Definitions

  • This application relates to the field of communication technology, and in particular to an encrypted communication method, device, electronic equipment, and computer-readable storage medium.
  • Bluetooth is a radio technology that supports short-distance communication between devices (generally within 10 m). It can exchange information wirelessly among many devices, including mobile phones, PDAs (Personal Digital Assistants), wireless headsets, notebook computers, and related peripherals.
  • An encrypted communication method, device, electronic device, and computer-readable storage medium are provided.
  • An encrypted communication method, which is applied to a first electronic device including a first processor and a second processor; the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through an unencrypted channel of a second Bluetooth; the method includes:
  • when the first electronic device switches to the system where the second processor is located, the second processor receives the first ciphertext sent by the second electronic device; the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device using the key to encrypt the first plaintext;
  • the second processor uses the key to decrypt the first ciphertext to obtain the first plaintext.
  • An encrypted communication device, which is applied to a first electronic device including a first processor and a second processor; the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through an unencrypted channel of a second Bluetooth; the device includes:
  • the key receiving module is configured to receive the key sent by the second electronic device through the first processor, and send the key to the second processor; the key is sent by the second electronic device to the first processor through the first Bluetooth encryption channel, and the key is generated by the second electronic device;
  • the first ciphertext receiving module is configured to receive the first ciphertext sent by the second electronic device through the second processor when the first electronic device is switched to the system where the second processor is located;
  • the first ciphertext is sent by the second electronic device to the second processor through the second Bluetooth non-encrypted channel, and the first ciphertext is generated by the second electronic device using the key to encrypt the first plaintext;
  • the decryption module is configured to use the key, through the second processor, to decrypt the first ciphertext to obtain the first plaintext.
  • An electronic device includes a memory and a processor, and a computer program is stored in the memory.
  • the processor causes the processor to perform the operation of the encrypted communication method described above.
  • The aforementioned encrypted communication method, device, electronic device, and computer-readable storage medium are applied to a first electronic device including a first processor and a second processor.
  • the first processor communicates through the first Bluetooth encryption channel, and the second processor communicates through the non-encrypted channel of the second Bluetooth; the key sent by the second electronic device is received through the first processor and sent to the second processor; the key is sent by the second electronic device through the first Bluetooth
  • the security of the key can be guaranteed
  • when the first electronic device is switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the non-encrypted channel of the second Bluetooth, the first ciphertext sent by the second electronic device is received through the second processor; the second processor uses the key to decrypt the first ciphertext to obtain the first plaintext, which prevents data leakage when the second electronic device communicates with the second processor in plaintext, and improve
  • An encrypted communication method applied to a second electronic device that communicates with a first electronic device; the first electronic device includes a first processor and a second processor, the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through a non-encrypted channel of a second Bluetooth; the method includes:
  • the key is sent to the first processor in the first electronic device through the first Bluetooth encryption channel; the key is used to instruct the first processor to send the received key to the second processor;
  • the first ciphertext is sent to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth; the first ciphertext is obtained by the second electronic device using the key to encrypt the first plaintext it has obtained, and the first ciphertext is used to instruct the second processor to use the key to decrypt the first ciphertext to obtain the first plaintext.
  • the first electronic device includes a first processor and a second processor.
  • the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through a non-encrypted channel of a second Bluetooth; the device includes:
  • a key generation module configured to generate a key;
  • a key sending module configured to send the key to the first processor in the first electronic device through the first Bluetooth encryption channel; the key is used to instruct the first processor to send the received key to the second processor;
  • the first ciphertext sending module is configured to send the first ciphertext to the second processor in the first electronic device through the second Bluetooth unencrypted channel when it is detected that the first electronic device is switched to the system where the second processor is located; the first ciphertext is obtained by the second electronic device using the key to encrypt the first plaintext it has obtained, and the first ciphertext is used to instruct the second processor to decrypt the first ciphertext by using the key to obtain the first plaintext.
  • An electronic device includes a memory and a processor, and a computer program is stored in the memory.
  • the processor causes the processor to perform the operation of the encrypted communication method described above.
  • The aforementioned encrypted communication method, device, electronic device, and computer-readable storage medium are applied to a second electronic device that communicates with a first electronic device.
  • the first electronic device includes a first processor and a second processor.
  • the first processor communicates through the encrypted channel of the first Bluetooth, and the second processor communicates through the non-encrypted channel of the second Bluetooth; a key is generated and sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth, so the security of the key can be guaranteed; the key is used to instruct the first processor to send the received key to the second processor;
  • when it is detected that the first electronic device is switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the second Bluetooth unencrypted channel, the first ciphertext is sent to the second processor in the first electronic device through the second Bluetooth unencrypted channel;
  • the first ciphertext is obtained by the second electronic device using the key to encrypt the first plaintext it has obtained, and the first ciphertext is used to instruct the second processor to use the key to decrypt the first ciphertext to obtain the first plaintext, which avoids data leakage when the second electronic device communicates with the second processor in plaintext, and improves the security of communication between the second electronic device and the first electronic device.
  • Fig. 1 is an application environment diagram of an encrypted communication method in an embodiment.
  • Fig. 2 is a flowchart of an encrypted communication method in an embodiment.
  • Figure 3a is a schematic diagram of the first electronic device communicating in a watch mode in an embodiment.
  • Figure 3b is a schematic diagram of the first electronic device communicating in a bracelet mode in an embodiment.
  • Fig. 4 is a flow chart of switching the first electronic device to the system where the second processor is located in an embodiment.
  • Fig. 5a is a schematic diagram of peripherals controlled by the first processor when the first electronic device is in the system where the first processor is located in an embodiment.
  • Fig. 5b is a schematic diagram of peripherals controlled by the second processor when the first electronic device is in the system where the second processor is located in an embodiment.
  • Fig. 6 is a flowchart of operating a second electronic device identifier for matching in an embodiment.
  • Fig. 7 is a flowchart of an encrypted communication method in another embodiment.
  • Fig. 8 is a flowchart of an encrypted communication method in another embodiment.
  • Fig. 9 is a structural block diagram of an encrypted communication device in an embodiment.
  • Fig. 10 is a structural block diagram of an encrypted communication device in another embodiment.
  • FIG. 11 is a schematic diagram of the internal structure of an electronic device in an embodiment.
  • The terms "first", "second", etc. used in this application can be used herein to describe various elements, but these elements are not limited by these terms. These terms are only used to distinguish one element from another element.
  • the first electronic device may be referred to as the second electronic device, and similarly, the second electronic device may be referred to as the first electronic device. Both the first electronic device and the second electronic device are electronic devices, but they are not the same electronic device.
  • Fig. 1 is a schematic diagram of an application environment of an encrypted communication method in an embodiment.
  • the application environment includes a first electronic device 102, a second electronic device 104, and a server 106.
  • the first electronic device 102 and the second electronic device 104 are connected and communicated via Bluetooth.
  • the first electronic device 102 includes a first processor and a second processor.
  • the first processor communicates with the second electronic device 104 through the first Bluetooth encrypted channel
  • the second processor communicates through the second Bluetooth non-encrypted channel.
  • the second electronic device 104 communicates with the server 106 through a network.
  • the first electronic device 102 can be, but is not limited to, smart bracelets and wearable devices
  • the second electronic device 104 can be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices.
  • the server 106 can be implemented as an independent server or as a server cluster composed of multiple servers.
  • Fig. 2 is a flowchart of an encrypted communication method in an embodiment.
  • the encrypted communication method in this embodiment is applied to a first electronic device including a first processor and a second processor.
  • the first processor communicates through the encrypted channel of the first Bluetooth
  • the second processor communicates through the second Bluetooth
  • the power consumption of the second Bluetooth is lower than the power consumption of the first Bluetooth.
  • the encrypted communication method includes operation 202 to operation 206.
  • the key sent by the second electronic device is received by the first processor, and the key is sent to the second processor; the key is sent by the second electronic device to the first processor through the encryption channel of the first Bluetooth, and the key is generated by the second electronic device.
  • the first electronic device includes a first processor and a second processor.
  • the first processor may be used as a main processor, and the second processor may be used as a coprocessor; or the first processor may be used as a coprocessor, and the second processor may be used as a main processor.
  • the first electronic device includes a system where the first processor is located and a system where the second processor is located, that is, the first electronic device is a dual-system electronic device.
  • the system where the first processor is located is the Android system
  • the system where the second processor is located is an RTOS (real-time operating system).
  • When the first electronic device is in the system where the first processor is located, the first electronic device uses the first processor to communicate; when the first electronic device is in the system where the second processor is located, the first electronic device uses the second processor to communicate.
  • the working mode of the first electronic device is the first mode; when the first electronic device is in the system where the second processor is located, the working mode of the first electronic device is the second mode.
  • the first mode uses the first processor for communication
  • the second mode uses the second processor for communication; the power consumption of the first mode is lower than that of the second mode.
  • the first electronic device may be a smart bracelet, including dual systems, that is, including the system where the first processor is located and the system where the second processor is located, the system where the first processor is located may be an Android system, and the second processor The system is an RTOS system.
  • the first mode of the smart bracelet can be Watch Mode, and the Android system can provide more complete functions;
  • the second mode of the smart bracelet can be Twist Band Mode, and the RTOS system can provide low power consumption and long standby capability.
  • Bluetooth is a radio technology that supports short-distance communication between devices (generally within 10 m). It can exchange information wirelessly among many devices, including mobile phones, PDAs (Personal Digital Assistants), wireless headsets, notebook computers, and related peripherals.
  • Bluetooth includes classic Bluetooth, low energy Bluetooth and so on.
  • Classic Bluetooth includes BR (Basic Rate) Bluetooth, EDR (Enhanced Data Rate) Bluetooth, etc.
  • Bluetooth Low Energy includes BLE (Bluetooth Low Energy) Bluetooth.
  • Both the first Bluetooth and the second Bluetooth may be one of the above Bluetooth, and the power consumption of the second Bluetooth is lower than the power consumption of the first Bluetooth.
  • the first Bluetooth may be classic Bluetooth BR Bluetooth or EDR Bluetooth
  • the second Bluetooth may be BLE Bluetooth.
  • the key sent by the second electronic device is received by the first processor, and the received key is sent to the second processor by the first processor. It is understandable that the first processor communicates through the encrypted channel of the first Bluetooth and the second processor communicates through the unencrypted channel of the second Bluetooth; the first processor receives the key sent by the second electronic device through the encrypted channel of the first Bluetooth, which avoids the key leakage that would result from the second processor receiving the key sent by the second electronic device through the non-encrypted channel of the second Bluetooth, so the security of the key can be ensured.
  • the first electronic device is a smart bracelet.
  • When the first electronic device runs the system where the first processor is located, the first electronic device is in watch mode; when the first electronic device runs the system where the second processor is located, the first electronic device is in the bracelet mode.
  • the first electronic device 302 includes a first processor and a second processor, and the second electronic device 304 is installed with a target application program.
  • the first processor in the first electronic device 302 communicates with the target application in the second electronic device 304 through the encrypted channel of the first Bluetooth.
  • the second processor in the first electronic device 302 communicates with the target application in the second electronic device 304 through the unencrypted channel of the first Bluetooth.
  • Operation 204: when the first electronic device is switched to the system where the second processor is located, the first ciphertext sent by the second electronic device is received through the second processor; the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device using the key to encrypt the first plaintext.
  • the first processor in the first electronic device communicates with the second electronic device through the encrypted channel of the first Bluetooth.
  • the second processor in the first electronic device communicates with the second electronic device through the non-encrypted channel of the second Bluetooth. It can be understood that the unencrypted channel of the second Bluetooth has low security. Therefore, when the first electronic device is switched to the system where the second processor is located, in order to ensure the security of the communication data, the second processor in the first electronic device and the second electronic device encrypt the communication data and then transmit it through the non-encrypted channel of the second Bluetooth.
  • the key is generated by a target application in the second electronic device, and the target application is connected to the first electronic device.
  • the first electronic device is a smart bracelet
  • the second electronic device is a smart phone
  • the target application is a health APP
  • the smart bracelet can obtain various data, such as the user's daily walking mileage, sleep duration, and heartbeat frequency, and send the data to the health APP in the smart phone; the health APP can obtain various instructions from the user, such as an instruction to collect the user's heartbeat frequency, and send the instructions to the smart bracelet.
  • the first electronic device is a smart bracelet.
  • the first electronic device is in watch mode; when the first electronic device is in the system where the second processor is located, the first electronic device is in the bracelet mode.
  • When the smart bracelet is switched from the watch mode to the bracelet mode, operation 402 is performed to trigger the bracelet mode; operation 404 is performed to display the switching animation; operation 406 is performed to turn off the first Bluetooth; operation 408 is performed to release screen control.
  • the first processor of the first electronic device sends the switching instruction to the second processor.
  • the switching instruction can be MSG: REQ_HOST_BAND_MODE. After the first processor releases the screen control right, the first processor is in the off state.
  • When the second processor receives the switching instruction, it executes operation 410 to write the bracelet mode flag bit, and executes operation 412 to activate the bracelet mode.
  • the second processor uses the key to decrypt the first ciphertext to obtain the first plaintext.
  • the first ciphertext sent by the second electronic device to the second processor is encrypted using a key.
  • the key is the same as the key sent by the first processor received by the second processor. Therefore, the second processor can use the key to decrypt the first ciphertext to obtain the first plaintext.
  • the above-mentioned encrypted communication method is applied to a first electronic device including a first processor and a second processor.
  • the first processor communicates through the first Bluetooth encryption channel, and the second processor communicates through the non-encrypted channel of the second Bluetooth; the power consumption of the second Bluetooth is lower than the power consumption of the first Bluetooth;
  • the first processor receives the key sent by the second electronic device, and sends the key to the second processor;
  • the key is sent by the second electronic device to the first processor through the first Bluetooth encryption channel, which can ensure the security of the key; when the first electronic device is switched to the system where the second processor is located, the first electronic device communicates with the second electronic device through the second processor, and the second processor communicates through the second Bluetooth non-encrypted channel and receives the first ciphertext sent by the second electronic device;
  • the second processor uses the key to decrypt the first ciphertext to obtain the first plaintext, avoiding data leakage when the second electronic device communicates with the second
  • the first electronic device is a smart bracelet. As shown in FIG. 5a, when the smart bracelet is in watch mode, that is, when the first electronic device is in the system where the first processor is located, the first processor may control the Screen (display screen) and TP (touch screen), and receive the Key (key).
  • When the smart bracelet is switched to the bracelet mode, that is, when the first electronic device is in the system where the second processor is located, the second processor can control the Screen (display screen) and TP (touch screen), and receive the Key.
  • the second processor can also control PPG, ECG, A+G, ALS, CAP, Magnetometer and Barometer.
  • the above method further includes:
  • the identification of the second electronic device sent by the second electronic device is received by the first processor, and the identification of the second electronic device is sent to the second processor; the identification of the second electronic device is sent by the second electronic device through the encrypted channel of the first Bluetooth.
  • the identification of the second electronic device may uniquely identify the second electronic device.
  • the second electronic device can be uniquely found through the identification of the second electronic device.
  • the identification of the second electronic device may be at least one of the MAC address of the second electronic device, the name of the second electronic device, a character string, and the like.
  • Because the second processor communicates through the non-encrypted channel of the second Bluetooth, all candidate devices within the communication range of the second processor can connect to the second processor and communicate with it. Therefore, the second processor matches the received identifier of the second electronic device with each connected candidate device, and searches for the second electronic device among the candidate devices, so that the second processor and the second electronic device communicate accurately.
  • When there is a candidate device that matches the identifier of the second electronic device, the candidate device that matches the identifier is the second electronic device, and the operation of receiving, through the second processor, the first ciphertext sent by the second electronic device is executed.
  • the first processor receives the identification of the second electronic device sent by the second electronic device, and sends the identification of the second electronic device to the second processor; the identification of the second electronic device is sent by the second electronic device through the encrypted channel of the first Bluetooth; when the first electronic device is switched to the system where the second processor is located, the second processor matches the received identification of the second electronic device against each candidate device connected to the first electronic device, so the user does not need to match the first electronic device with the second electronic device when the first electronic device switches systems, which can improve the efficiency of communication.
  • the candidate device that matches the identification of the second electronic device is the second electronic device, and the first ciphertext sent by the second electronic device is received through the second processor.
  • the second electronic device can be accurately found through the identification of the second electronic device, which prevents the theft or misconnection of peripheral devices of the first electronic device, and enables the second processor to accurately communicate with the second electronic device.
  • the above method further includes: obtaining the second plaintext through the second processor; encrypting the second plaintext with the key to generate the second ciphertext, and sending the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth; the second ciphertext is used to instruct the second electronic device to use the key to decrypt the second ciphertext to obtain the second plaintext.
  • the second processor uses the key to encrypt the second plaintext to obtain the second ciphertext, which is sent to the second electronic device through the non-encrypted channel of the second Bluetooth. Encrypting the second plaintext avoids leakage of the second plaintext during transmission in the non-encrypted channel, which can improve security.
  • the second electronic device can use the key to decrypt the second ciphertext to obtain the second plaintext.
  • the second processor communicates with the second electronic device through the non-encrypted channel of the second Bluetooth, which can reduce power consumption.
  • the above method further includes: when detecting the first connection with the first electronic device, judging the currently running system; when the currently running system is the system where the first processor is located, executing the operation of receiving, through the first processor, the key sent by the second electronic device; when the currently running system is the system where the second processor is located, switching the first electronic device to the system where the first processor is located, and executing the operation of receiving, through the first processor, the key sent by the second electronic device.
  • the first connection between the first electronic device and the second electronic device means either that the two devices are connecting for the first time, or that the first electronic device has been connected with the second electronic device before but cleared its cache and is now connecting with the second electronic device again.
  • the first electronic device determines the currently running system.
  • the system currently running on the first electronic device may be one of the system where the first processor is located and the system where the second processor is located.
  • the operation of receiving the key sent by the second electronic device through the first processor is executed.
  • the first electronic device first switches the currently running system to the system where the first processor is located, and uses the encrypted channel of the first Bluetooth to communicate with the second electronic device, that is, it receives the key sent by the second electronic device through the encrypted channel of the first Bluetooth, which can ensure the security of the key.
  • Fig. 7 is a flowchart of an encrypted communication method in another embodiment.
  • the encrypted communication method in this embodiment is applied to a second electronic device that communicates with a first electronic device.
  • the first electronic device includes a first processor and a second processor, and the first processor passes through the encrypted channel of the first Bluetooth
  • the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than the power consumption of the first Bluetooth.
  • the encrypted communication method includes operations 702 to 706.
  • the key can be generated by the target application in the second electronic device.
  • the target application is a health APP connected to the first electronic device.
  • the key is sent to the first processor in the first electronic device through the encryption channel of the first Bluetooth; the key is used to instruct the first processor to send the received key to the second processor.
  • the first ciphertext is sent to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth; the first ciphertext is obtained by encrypting, with the key, the first plaintext obtained by the second electronic device, and the first ciphertext is used to instruct the second processor to use the key to decrypt the first ciphertext to obtain the first plaintext.
  • the above-mentioned encrypted communication method is applied to a second electronic device that communicates with a first electronic device.
  • the first electronic device includes a first processor and a second processor.
  • the first processor communicates through a first Bluetooth encryption channel.
  • the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. A key is generated and sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth, which can ensure the security of the key; the key is used to instruct the first processor to send the received key to the second processor.
  • when it is detected that the first electronic device is switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the non-encrypted channel of the second Bluetooth, the first ciphertext is sent to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth; the first ciphertext is obtained by encrypting the first plaintext obtained by the second
  • the above method further includes: sending the identification of the second electronic device to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the identification of the second electronic device is used to instruct the first processor to send the received identification of the second electronic device to the second processor, and the received identification of the second electronic device is matched, through the second processor, with each candidate device connected to the first electronic device.
  • when a candidate device matches the identifier of the second electronic device, that candidate device is the second electronic device, and the first ciphertext sent by the second electronic device is received through the second processor.
  • the identifier of the second electronic device is sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the identifier of the second electronic device is used to instruct the first processor to send the received identifier of the second electronic device to the second processor, and the received identifier of the second electronic device is matched, through the second processor, with each candidate device connected to the first electronic device. The user does not need to match the first electronic device with the second electronic device when the first electronic device switches systems, which can improve the efficiency of communication.
  • the candidate device that matches the identification of the second electronic device is the second electronic device, and the second electronic device can be accurately found through the identification of the second electronic device,
  • the second processor can accurately communicate with the second electronic device, that is, the first ciphertext sent by the second electronic device is received by the second processor.
  • the above method further includes: sending the key to the server; when the second electronic device clears the key, obtaining the identification of the connected first electronic device, and sending the identification of the first electronic device to the server; the identification of the first electronic device is used to instruct the server to obtain a key matching the identification of the first electronic device; and receiving the key matching the identification of the first electronic device sent by the server.
  • the clearing of the key by the second electronic device may be that the second electronic device deletes the key, or that the electronic device clears the cache and thereby clears the key, but it is not limited to this.
  • the identification of the first electronic device is sent to the server, and the identification of the first electronic device may also be used to instruct the server to obtain device information that matches the identification of the first electronic device, such as the MAC address of the first electronic device, and the first electronic device.
  • the key is sent to the server; when the second electronic device clears the key, the identification of the connected first electronic device is obtained and sent to the server, and a key that matches the identification of the first electronic device can be obtained from the server. Even after the second electronic device clears the key, it can obtain the key from the server again and communicate with the first electronic device through the key.
  • 802 is a first electronic device, and the first electronic device includes a first processor and a second processor.
  • the second electronic device executes operation 804 to generate a key; the second electronic device executes operation 806 to send the identification and key of the second electronic device to the first processor in the first electronic device 802 through the encrypted channel of the first Bluetooth.
  • operation 808 is performed, and the first processor sends the second electronic device identification and key to the second processor.
  • When the second processor receives the identification and key of the second electronic device sent by the first processor, operation 810 is performed, and the second processor stores the identification and key of the second electronic device.
  • the second electronic device performs operation 812 and sends the key to the server.
  • When the first electronic device is switched to the system where the second processor is located, the second processor performs operation 814 to match the identification of the second electronic device with each connected candidate device; when a candidate device matches the identification of the second electronic device, that candidate device is the second electronic device.
  • the second electronic device performs operation 816 to encrypt the first plaintext using the key to obtain the first ciphertext.
  • the second electronic device performs operation 818 to send the first ciphertext to the second processor through the non-encrypted channel of the second Bluetooth.
  • When the second processor receives the first ciphertext, it performs operation 820 to decrypt the first ciphertext using the key to obtain the first plaintext.
  • the second processor performs operation 822 to encrypt the second plaintext using the key to obtain the second ciphertext.
  • the second processor performs operation 824 to send the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth.
  • When the second electronic device receives the second ciphertext, it performs operation 826 to decrypt the second ciphertext using the key to obtain the second plaintext.
  • the second electronic device may obtain the identification of the connected first electronic device, and perform operation 828 to send the identification of the first electronic device to the server.
  • the server obtains a key matching the identification of the first electronic device, and performs operation 830 to send the key to the second electronic device.
  • Fig. 9 is a structural block diagram of an encrypted communication device according to an embodiment.
  • an encrypted communication device 900 is provided, which is applied to a first electronic device including a first processor and a second processor.
  • the first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth.
  • the device includes a key receiving module 902, a first ciphertext receiving module 904, and a decryption module 906:
  • the key receiving module 902 is configured to receive, through the first processor, the key sent by the second electronic device and send the key to the second processor; the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, and the key is generated by the second electronic device.
  • the first ciphertext receiving module 904 is configured to receive, through the second processor, the first ciphertext sent by the second electronic device when the first electronic device is switched to the system where the second processor is located; the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device using the key to encrypt the first plaintext.
  • the decryption module 906 is configured to decrypt, through the second processor, the first ciphertext using the key to obtain the first plaintext.
  • the above encrypted communication device is applied to a first electronic device including a first processor and a second processor.
  • the first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than the power consumption of the first Bluetooth; the first processor receives the key sent by the second electronic device and sends the key to the second processor; the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, which can ensure the security of the key.
  • when the first electronic device is switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the non-encrypted channel of the second Bluetooth, the first ciphertext sent by the second electronic device is received through the second processor; the second processor decrypts the first ciphertext using the key to obtain the first plaintext, which avoids data leakage when the second electronic device communicates with the second processor in plaintext, and improves the security of communication between the second electronic device and the first electronic device.
  • the power consumption of the communication can be reduced.
  • the aforementioned encrypted communication device 900 further includes a matching module, configured to receive the identification of the second electronic device sent by the second electronic device through the first processor, and send the identification of the second electronic device to the second processor.
  • the identification of the second electronic device is sent by the second electronic device through the encrypted channel of the first Bluetooth; when the first electronic device is switched to the system where the second processor is located, the second processor matches the received identification of the second electronic device with each candidate device connected to the first electronic device; when a candidate device matches the identification of the second electronic device, that candidate device is the second electronic device, and the operation of receiving, through the second processor, the first ciphertext sent by the second electronic device is executed.
  • the above-mentioned encrypted communication device 900 further includes an encryption module for obtaining the second plaintext through the second processor, encrypting the second plaintext with the key to generate the second ciphertext, and sending the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth; the second ciphertext is used to instruct the second electronic device to use the key to decrypt the second ciphertext to obtain the second plaintext.
  • the above-mentioned encrypted communication device 900 further includes a current running system judgment module, which is used to judge the currently running system when the first connection with the second electronic device is detected; when the currently running system is the system where the first processor is located, the operation of receiving, through the first processor, the key sent by the second electronic device is executed; when the currently running system is the system where the second processor is located, the first electronic device is switched to the system where the first processor is located, and the operation of receiving, through the first processor, the key sent by the second electronic device is executed.
  • Fig. 10 is a structural block diagram of an encrypted communication device according to an embodiment.
  • an encrypted communication device 1000 is provided, which is applied to a second electronic device that communicates with a first electronic device.
  • the first electronic device includes a first processor and a second processor.
  • the first processor communicates through the encrypted channel of the first Bluetooth, and the second processor communicates through the non-encrypted channel of the second Bluetooth.
  • the power consumption of the second Bluetooth is lower than that of the first Bluetooth; the device includes: a key generation module 1002, a key sending module 1004 and a first ciphertext sending module 1006, where:
  • the key generation module 1002 is used to generate keys.
  • the key sending module 1004 is used to send the key to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the key is used to instruct the first processor to send the received key to the second processor.
  • the first ciphertext sending module 1006 is configured to send the first ciphertext to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth when it is detected that the first electronic device is switched to the system where the second processor is located; the first ciphertext is obtained by encrypting, with the key, the first plaintext obtained by the second electronic device, and the first ciphertext is used to instruct the second processor to use the key to decrypt the first ciphertext to obtain the first plaintext.
  • the aforementioned encrypted communication device is applied to a second electronic device that communicates with a first electronic device.
  • the first electronic device includes a first processor and a second processor.
  • the first processor communicates through a first Bluetooth encryption channel.
  • the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. A key is generated and sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth, which can ensure the security of the key; the key is used to instruct the first processor to send the received key to the second processor.
  • when it is detected that the first electronic device is switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the non-encrypted channel of the second Bluetooth, the first ciphertext is sent to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth; the first ciphertext is obtained by encrypting the first plaintext obtained by the second electronic device using
  • the aforementioned encrypted communication device 1000 further includes an identification sending module of the second electronic device, configured to send the identification of the second electronic device to the first processor in the first electronic device through the encryption channel of the first Bluetooth.
  • the identification of the second electronic device is used to instruct the first processor to send the received identification of the second electronic device to the second processor, and the received identification of the second electronic device is matched, through the second processor, with each candidate device connected to the first electronic device.
  • the candidate device that matches the identification of the second electronic device is the second electronic device, and the first ciphertext sent by the second electronic device is received through the second processor.
  • the above-mentioned encrypted communication device 1000 further includes a key acquisition module for sending the key to the server; when the second electronic device clears the key, the identification of the connected first electronic device is acquired, and the identification of the first electronic device is sent to the server; the identification of the first electronic device is used to instruct the server to obtain a key that matches the identification of the first electronic device; and the key that matches the identification of the first electronic device sent by the server is received.
  • the encrypted communication device can be divided into different modules as required to complete all or part of the functions of the above-mentioned encrypted communication device.
  • Each module in the aforementioned encrypted communication device can be implemented in whole or in part by software, hardware, and a combination thereof.
  • the above-mentioned modules may be embedded in the form of hardware or independent of the processor in the computer equipment, or may be stored in the memory of the computer equipment in the form of software, so that the processor can call and execute the operations corresponding to the above-mentioned modules.
  • FIG. 11 is a schematic diagram of the internal structure of an electronic device in an embodiment.
  • the electronic device includes a processor and a memory connected through a system bus.
  • the processor is used to provide computing and control capabilities to support the operation of the entire electronic device.
  • the memory may include a non-volatile storage medium and internal memory.
  • the non-volatile storage medium stores an operating system and a computer program.
  • the computer program can be executed by the processor to implement an encrypted communication method provided in the following embodiments.
  • the internal memory provides a cached operating environment for the operating system computer program in the non-volatile storage medium.
  • the electronic device can be any terminal device such as a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (Point of Sales), a vehicle-mounted computer, and a wearable device.
  • each module in the encrypted communication device provided in the embodiment of the present application may be in the form of a computer program.
  • the computer program can be run on a terminal or a server.
  • the program module constituted by the computer program can be stored in the memory of the electronic device.
  • the embodiment of the present application also provides a computer-readable storage medium.
  • a computer program product containing instructions that, when run on a computer, causes the computer to execute an encrypted communication method.
  • Non-volatile memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
  • Volatile memory may include random access memory (RAM), which acts as external cache memory.
  • RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchronous Link (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).

Abstract

An encrypted communication method, which is applied to a first electronic device that comprises a first processor and a second processor, wherein the first processor performs communication by means of an encrypted channel of first Bluetooth, and the second processor performs communication by means of an unencrypted channel of second Bluetooth. The method comprises: receiving, by means of a first processor, a key sent by a second electronic device, and sending the key to a second processor, wherein the key is sent to the first processor by the second electronic device by means of an encrypted channel of first Bluetooth; when the first electronic device is switched to a system where the second processor is located, receiving, by means of the second processor, a first ciphertext sent by the second electronic device, wherein the first ciphertext is sent to the second processor by the second electronic device by means of an unencrypted channel of second Bluetooth; and decrypting the first ciphertext by means of the second processor and by using the key, so as to obtain a first plaintext.

Description

Encrypted communication method and apparatus, electronic device, and computer-readable storage medium
Cross-reference to related applications
This application claims priority to Chinese patent application No. 202010155715.X, filed with the Chinese Patent Office on March 9, 2020 and entitled "Encrypted communication method and apparatus, electronic device, and computer-readable storage medium", the entire contents of which are incorporated herein by reference.
Technical field
This application relates to the field of communication technology, and in particular to an encrypted communication method and apparatus, an electronic device, and a computer-readable storage medium.
Background
With the development of communication technology, Bluetooth communication technology has emerged. Bluetooth is a radio technology that supports short-range communication between devices (generally within 10 m) and enables wireless information exchange among many devices, including mobile phones, PDAs (Personal Digital Assistants), wireless headsets, notebook computers, and related peripherals.
However, the traditional method of communicating over Bluetooth suffers from low security.
Summary of the invention
Various embodiments of the present application provide an encrypted communication method and apparatus, an electronic device, and a computer-readable storage medium.
An encrypted communication method, applied to a first electronic device that includes a first processor and a second processor, where the first processor communicates through an encrypted channel of a first Bluetooth and the second processor communicates through a non-encrypted channel of a second Bluetooth; the method includes:
receiving, through the first processor, a key sent by a second electronic device, and sending the key to the second processor; the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, and the key is generated by the second electronic device;
when the first electronic device switches to the system where the second processor is located, receiving, through the second processor, a first ciphertext sent by the second electronic device; the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device encrypting a first plaintext with the key;
decrypting, through the second processor, the first ciphertext with the key to obtain the first plaintext.
An encrypted communication apparatus, applied to a first electronic device that includes a first processor and a second processor, where the first processor communicates through an encrypted channel of a first Bluetooth and the second processor communicates through a non-encrypted channel of a second Bluetooth; the apparatus includes:
a key receiving module, configured to receive, through the first processor, a key sent by a second electronic device, and send the key to the second processor; the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, and the key is generated by the second electronic device;
a first ciphertext receiving module, configured to receive, through the second processor, a first ciphertext sent by the second electronic device when the first electronic device switches to the system where the second processor is located; the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device encrypting a first plaintext with the key;
a decryption module, configured to decrypt, through the second processor, the first ciphertext with the key to obtain the first plaintext.
An electronic device, including a memory and a processor, where a computer program is stored in the memory and, when executed by the processor, causes the processor to perform the operations of the encrypted communication method described above.
A computer-readable storage medium on which a computer program is stored, where the computer program, when executed by a processor, implements the operations of the method described above.
The above encrypted communication method, apparatus, electronic device and computer-readable storage medium are applied to a first electronic device including a first processor and a second processor. The first processor communicates through the encrypted channel of the first Bluetooth, and the second processor communicates through the unencrypted channel of the second Bluetooth. The first processor receives the key sent by the second electronic device and sends the key to the second processor; because the second electronic device sends the key to the first processor through the encrypted channel of the first Bluetooth, the security of the key can be guaranteed. When the first electronic device switches to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the unencrypted channel of the second Bluetooth, the second processor receives the first ciphertext sent by the second electronic device and decrypts it with the key to obtain the first plaintext. This avoids the data leakage that would occur if the second electronic device and the second processor communicated in plaintext, and improves the security of communication between the second electronic device and the first electronic device.
An encrypted communication method, applied to a second electronic device that communicates with a first electronic device, where the first electronic device includes a first processor and a second processor, the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through an unencrypted channel of a second Bluetooth; the method includes:
generating a key;
sending the key to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the key is used to instruct the first processor to send the received key to the second processor;
when it is detected that the first electronic device has switched to the system where the second processor is located, sending a first ciphertext to the second processor in the first electronic device through the unencrypted channel of the second Bluetooth; the first ciphertext is obtained by the second electronic device by encrypting an acquired first plaintext with the key, and the first ciphertext is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext.
An encrypted communication apparatus, applied to a second electronic device that communicates with a first electronic device, where the first electronic device includes a first processor and a second processor, the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through an unencrypted channel of a second Bluetooth; the apparatus includes:
a key generation module, configured to generate a key;
a key sending module, configured to send the key to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the key is used to instruct the first processor to send the received key to the second processor;
a first ciphertext sending module, configured to send a first ciphertext to the second processor in the first electronic device through the unencrypted channel of the second Bluetooth when it is detected that the first electronic device has switched to the system where the second processor is located; the first ciphertext is obtained by the second electronic device by encrypting an acquired first plaintext with the key, and the first ciphertext is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext.
An electronic device, including a memory and a processor, where a computer program is stored in the memory and, when executed by the processor, causes the processor to perform the operations of the encrypted communication method described above.
A computer-readable storage medium on which a computer program is stored, where the computer program, when executed by a processor, implements the operations of the method described above.
The above encrypted communication method, apparatus, electronic device and computer-readable storage medium are applied to a second electronic device that communicates with a first electronic device. The first electronic device includes a first processor and a second processor; the first processor communicates through the encrypted channel of the first Bluetooth, and the second processor communicates through the unencrypted channel of the second Bluetooth. A key is generated and sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth, which can guarantee the security of the key; the key is used to instruct the first processor to send the received key to the second processor. When it is detected that the first electronic device has switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the unencrypted channel of the second Bluetooth, the first ciphertext is sent to the second processor in the first electronic device through the unencrypted channel of the second Bluetooth. The first ciphertext is obtained by the second electronic device by encrypting the acquired first plaintext with the key, and it is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext. This avoids the data leakage that would occur if the second electronic device and the second processor communicated in plaintext, and improves the security of communication between the second electronic device and the first electronic device.
Brief Description of the Drawings
To describe the technical solutions in the embodiments of this application or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of this application, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a diagram of the application environment of an encrypted communication method in an embodiment.
Fig. 2 is a flowchart of an encrypted communication method in an embodiment.
Fig. 3a is a schematic diagram of the first electronic device communicating in watch mode in an embodiment.
Fig. 3b is a schematic diagram of the first electronic device communicating in bracelet mode in an embodiment.
Fig. 4 is a flowchart of the first electronic device switching to the system where the second processor is located in an embodiment.
Fig. 5a is a schematic diagram of the peripherals controlled by the first processor when the first electronic device is in the system where the first processor is located in an embodiment.
Fig. 5b is a schematic diagram of the peripherals controlled by the second processor when the first electronic device is in the system where the second processor is located in an embodiment.
Fig. 6 is a flowchart of the operations for matching the identifier of the second electronic device in an embodiment.
Fig. 7 is a flowchart of an encrypted communication method in another embodiment.
Fig. 8 is a flowchart of an encrypted communication method in another embodiment.
Fig. 9 is a structural block diagram of an encrypted communication apparatus in an embodiment.
Fig. 10 is a structural block diagram of an encrypted communication apparatus in another embodiment.
Fig. 11 is a schematic diagram of the internal structure of an electronic device in an embodiment.
Detailed Description
To make the purpose, technical solutions and advantages of this application clearer, the application is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain this application and are not intended to limit it.
It can be understood that the terms "first", "second" and so on used in this application may be used to describe various elements, but these elements are not limited by these terms. The terms are only used to distinguish one element from another. For example, without departing from the scope of this application, the first electronic device could be called the second electronic device and, similarly, the second electronic device could be called the first electronic device. The first electronic device and the second electronic device are both electronic devices, but they are not the same electronic device.
Fig. 1 is a schematic diagram of the application environment of an encrypted communication method in an embodiment. As shown in Fig. 1, the application environment includes a first electronic device 102, a second electronic device 104 and a server 106. The first electronic device 102 and the second electronic device 104 connect and communicate via Bluetooth. The first electronic device 102 includes a first processor and a second processor; the first processor communicates with the second electronic device 104 through the encrypted channel of the first Bluetooth, and the second processor communicates with the second electronic device 104 through the unencrypted channel of the second Bluetooth. The second electronic device 104 communicates with the server 106 over a network. The first electronic device 102 may be, but is not limited to, a smart bracelet or a wearable device; the second electronic device 104 may be, but is not limited to, any of various personal computers, notebook computers, smartphones, tablet computers and portable wearable devices; and the server 106 may be implemented as an independent server or as a server cluster composed of multiple servers.
Fig. 2 is a flowchart of an encrypted communication method in an embodiment. The encrypted communication method in this embodiment is applied to a first electronic device including a first processor and a second processor. The first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the unencrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. As shown in Fig. 2, the encrypted communication method includes operations 202 to 206.
Operation 202: receive, through the first processor, the key sent by the second electronic device, and send the key to the second processor; the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, and the key is generated by the second electronic device.
The first electronic device includes a first processor and a second processor. The first processor may serve as the main processor and the second processor as the coprocessor; alternatively, the first processor may serve as the coprocessor and the second processor as the main processor.
The first electronic device includes the system where the first processor is located and the system where the second processor is located; that is, the first electronic device is a dual-system electronic device. For example, the system where the first processor is located is the Android system, and the system where the second processor is located is an RTOS (real-time operating system).
When the first electronic device is in the system where the first processor is located, the first electronic device uses the first processor to communicate; when the first electronic device is in the system where the second processor is located, the first electronic device uses the second processor to communicate.
When the first electronic device is in the system where the first processor is located, the working mode of the first electronic device is the first mode; when the first electronic device is in the system where the second processor is located, the working mode of the first electronic device is the second mode. The first mode uses the first processor for communication, and the second mode uses the second processor for communication; the power consumption of the first mode is lower than that of the second mode.
For example, the first electronic device may be a smart bracelet with dual systems, that is, the system where the first processor is located and the system where the second processor is located. The system where the first processor is located may be the Android system, and the system where the second processor is located may be an RTOS. When the smart bracelet is in the Android system, its first mode may be watch mode (Watch Mode), in which the Android system provides a more complete set of functions; when the smart bracelet is in the RTOS, its second mode may be bracelet mode (Twist Band Mode), in which the RTOS provides low-power, ultra-long standby capability.
Bluetooth is a radio technology that supports short-range communication between devices (generally within 10 m). It enables wireless information exchange among many kinds of devices, including mobile phones, PDAs (Personal Digital Assistants), wireless headsets, notebook computers and related peripherals.
Bluetooth includes classic Bluetooth, low-power Bluetooth and so on. Classic Bluetooth includes BR (Basic Rate) Bluetooth, EDR (Enhanced Data Rate) Bluetooth and so on. Low-power Bluetooth includes BLE (Bluetooth Low Energy). The first Bluetooth and the second Bluetooth may each be one of the above, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. For example, the first Bluetooth may be classic BR Bluetooth or EDR Bluetooth, and the second Bluetooth may be BLE.
The first processor receives the key sent by the second electronic device and sends the received key to the second processor. It can be understood that the first processor communicates through the encrypted channel of the first Bluetooth and the second processor communicates through the unencrypted channel of the second Bluetooth. Because the first processor receives the key over the encrypted channel of the first Bluetooth, the key is never received by the second processor over the unencrypted channel of the second Bluetooth, which avoids the key leakage that would cause and guarantees the security of the key.
In one embodiment, the first electronic device is a smart bracelet. When the first electronic device runs the system where the first processor is located, the first electronic device is in watch mode; when the first electronic device runs the system where the second processor is located, the first electronic device is in bracelet mode.
As shown in Fig. 3a, the first electronic device 302 includes a first processor and a second processor, and a target application is installed on the second electronic device 304. When the first electronic device is in watch mode, the first processor in the first electronic device 302 communicates with the target application on the second electronic device 304 through the encrypted channel of the first Bluetooth.
As shown in Fig. 3b, when the first electronic device is in bracelet mode, the second processor in the first electronic device 302 communicates with the target application on the second electronic device 304 through the unencrypted channel of the first Bluetooth.
Operation 204: when the first electronic device switches to the system where the second processor is located, receive, through the second processor, the first ciphertext sent by the second electronic device; the first ciphertext is sent by the second electronic device to the second processor through the unencrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device by encrypting the first plaintext with the key.
When the first electronic device is in the system where the first processor is located, the first processor in the first electronic device communicates with the second electronic device through the encrypted channel of the first Bluetooth. When the first electronic device switches to the system where the second processor is located, the second processor in the first electronic device communicates with the second electronic device through the unencrypted channel of the second Bluetooth. It can be understood that the unencrypted channel of the second Bluetooth offers low security. Therefore, when the first electronic device switches to the system where the second processor is located, the second processor in the first electronic device and the second electronic device encrypt the communication data themselves to keep it secure, and then transmit it through the unencrypted channel of the second Bluetooth.
In another embodiment, the key is generated by a target application on the second electronic device, and the target application is connected to the first electronic device. For example, the first electronic device is a smart bracelet, the second electronic device is a smartphone, and the target application is a health app. The smart bracelet can collect various data, such as the user's daily walking distance, sleep duration and heart rate, and send the data to the health app on the smartphone; the health app can obtain various instructions from the user, such as an instruction to measure the user's heart rate, and send those instructions to the smart bracelet.
In one embodiment, as shown in Fig. 4, the first electronic device is a smart bracelet. When the first electronic device is in the system where the first processor is located, it is in watch mode; when the first electronic device is in the system where the second processor is located, it is in bracelet mode. When the smart bracelet switches from watch mode to bracelet mode, it performs operation 402, triggering bracelet mode; operation 404, displaying the switching animation; operation 406, turning off the first Bluetooth; and operation 408, releasing control of the screen. The first processor of the first electronic device sends a switching instruction to the second processor. The switching instruction may be MSG:REQ_HOST_BAND_MODE. After the first processor releases control of the screen, the first processor is in the off state. When the second processor receives the switching instruction, it performs operation 410, writing the bracelet mode flag bit, and operation 412, starting bracelet mode.
Operation 206: decrypt, through the second processor, the first ciphertext with the key to obtain the first plaintext.
The first ciphertext that the second electronic device sends to the second processor is encrypted with the key, and that key is the same as the key the second processor received from the first processor. Therefore, the second processor can use the key to decrypt the first ciphertext and obtain the first plaintext.
In this embodiment, the above encrypted communication method is applied to a first electronic device including a first processor and a second processor. The first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the unencrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. The first processor receives the key sent by the second electronic device and sends the key to the second processor; because the second electronic device sends the key to the first processor through the encrypted channel of the first Bluetooth, the security of the key can be guaranteed. When the first electronic device switches to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the unencrypted channel of the second Bluetooth, the second processor receives the first ciphertext sent by the second electronic device and decrypts it with the key to obtain the first plaintext. This avoids the data leakage that would occur if the second electronic device and the second processor communicated in plaintext, and improves the security of communication between the second electronic device and the first electronic device. In addition, communicating through the unencrypted channel of the second Bluetooth reduces the power consumption of communication.
In one embodiment, the first electronic device is a smart bracelet. As shown in Fig. 5a, when the smart bracelet is in watch mode, that is, when the first electronic device is in the system where the first processor is located, the first processor can control the Screen (display screen) and the TP (touch screen) and receive the Key (key). As shown in Fig. 5b, when the smart bracelet switches to bracelet mode, that is, when the first electronic device is in the system where the second processor is located, the second processor can control the Screen (display screen) and the TP (touch screen) and receive the Key (key). The second processor can also control the PPG, ECG, A+G, ALS, CAP, Magnetometer and Barometer.
In one embodiment, as shown in Fig. 6, the above method further includes:
Operation 602: receive, through the first processor, the identifier of the second electronic device sent by the second electronic device, and send the identifier of the second electronic device to the second processor; the identifier of the second electronic device is sent by the second electronic device through the encrypted channel of the first Bluetooth.
The identifier of the second electronic device uniquely identifies the second electronic device, so the second electronic device can be uniquely located by its identifier. The identifier of the second electronic device may be at least one of the MAC address of the second electronic device, the name of the second electronic device, a character string, and the like.
Operation 604: when the first electronic device switches to the system where the second processor is located, match, through the second processor, the received identifier of the second electronic device against each candidate device connected to the first electronic device.
It can be understood that, because the second processor communicates through the unencrypted channel of the second Bluetooth, any candidate device within the communication range of the second processor can connect to the second processor and communicate with it. Therefore, the second processor matches the received identifier of the second electronic device against each connected candidate device and finds the second electronic device among the candidates, so that the second processor communicates with the correct second electronic device.
Operation 606: when a candidate device matches the identifier of the second electronic device, that candidate device is the second electronic device, and the operation of receiving, through the second processor, the first ciphertext sent by the second electronic device is performed.
In this embodiment, the first processor receives the identifier of the second electronic device sent by the second electronic device and sends it to the second processor; the identifier is sent by the second electronic device through the encrypted channel of the first Bluetooth. When the first electronic device switches to the system where the second processor is located, the second processor matches the received identifier against each candidate device connected to the first electronic device. The user therefore does not need to pair the first electronic device with the second electronic device again when the first electronic device switches systems, which improves the efficiency of communication. When a candidate device matches the identifier of the second electronic device, that candidate device is the second electronic device, and the operation of receiving, through the second processor, the first ciphertext sent by the second electronic device is performed. The identifier allows the second electronic device to be located precisely, prevents devices near the first electronic device from connecting without authorization or by mistake, and lets the second processor communicate with exactly the second electronic device.
In one embodiment, the above method further includes: obtaining a second plaintext through the second processor; encrypting the second plaintext with the key to generate a second ciphertext, and sending the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth; the second ciphertext is used to instruct the second electronic device to decrypt the second ciphertext with the key to obtain the second plaintext.
When the second processor communicates with the second electronic device, the second processor encrypts the second plaintext with the key to obtain the second ciphertext and sends it to the second electronic device through the non-encrypted channel of the second Bluetooth. Encrypting the second plaintext prevents it from leaking while it is transmitted over the non-encrypted channel, which can improve security. After receiving the second ciphertext, the second electronic device can decrypt it with the key to obtain the second plaintext. Because the second processor communicates with the second electronic device through the non-encrypted channel of the second Bluetooth, power consumption can be reduced.
In one embodiment, the above method further includes: when a first-time connection with the first electronic device is detected, determining the currently running system; when the currently running system is the system where the first processor is located, performing the operation of receiving, through the first processor, the key sent by the second electronic device; when the currently running system is the system where the second processor is located, switching the first electronic device to the system where the first processor is located, and performing the operation of receiving, through the first processor, the key sent by the second electronic device.
A first-time connection between the first electronic device and the second electronic device means either that the two devices are connecting for the first time, or that they have been connected before but the first electronic device connects to the second electronic device after clearing its cache.
When a first-time connection with the first electronic device is detected, the first electronic device determines the currently running system. The system currently running on the first electronic device may be either the system where the first processor is located or the system where the second processor is located.
When the currently running system is the system where the first processor is located, the operation of receiving, through the first processor, the key sent by the second electronic device is performed. When the currently running system is the system where the second processor is located, the first electronic device first switches the currently running system to the system where the first processor is located and communicates with the second electronic device over the encrypted channel of the first Bluetooth; that is, the key sent by the second electronic device is received through the encrypted channel of the first Bluetooth, which can ensure the security of the key.
FIG. 7 is a flowchart of an encrypted communication method in another embodiment. The encrypted communication method in this embodiment is applied to a second electronic device that communicates with a first electronic device. The first electronic device includes a first processor and a second processor; the first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. As shown in FIG. 7, the encrypted communication method includes operations 702 to 706.
In operation 702, a key is generated.
Further, the key may be generated by a target application in the second electronic device. For example, the target application is a health app connected to the first electronic device.
In operation 704, the key is sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the key is used to instruct the first processor to send the received key to the second processor.
In operation 706, when it is detected that the first electronic device has switched to the system where the second processor is located, the first ciphertext is sent to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth; the first ciphertext is obtained by the second electronic device encrypting the acquired first plaintext with the key, and the first ciphertext is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext.
The above encrypted communication method is applied to a second electronic device that communicates with a first electronic device. The first electronic device includes a first processor and a second processor; the first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. A key is generated and sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth, which can ensure the security of the key; the key is used to instruct the first processor to send the received key to the second processor. When it is detected that the first electronic device has switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the non-encrypted channel of the second Bluetooth, the first ciphertext is sent to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth. The first ciphertext is obtained by the second electronic device encrypting the acquired first plaintext with the key, and is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext. This avoids the data leakage that would occur if the second electronic device and the second processor communicated in plaintext, and improves the security of communication between the second electronic device and the first electronic device. In addition, communicating through the non-encrypted channel of the second Bluetooth can reduce the power consumption of communication.
In one embodiment, the above method further includes: sending the identifier of the second electronic device to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the identifier of the second electronic device is used to instruct the first processor to send the received identifier to the second processor, so that the second processor matches the received identifier of the second electronic device against each candidate device connected to the first electronic device; when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier is the second electronic device, and the first ciphertext sent by the second electronic device is received through the second processor.
In this embodiment, the identifier of the second electronic device is sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the identifier is used to instruct the first processor to send the received identifier of the second electronic device to the second processor, and the second processor matches the received identifier against each candidate device connected to the first electronic device. The user therefore does not need to match the first electronic device with the second electronic device again when the first electronic device switches systems, which can improve the efficiency of communication. Moreover, when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier is the second electronic device. The identifier allows the second electronic device to be located precisely, so that the second processor communicates with exactly the second electronic device, that is, receives through the second processor the first ciphertext sent by the second electronic device.
In one embodiment, the above method further includes: sending the key to a server; when the second electronic device clears the key, obtaining the identifier of the connected first electronic device and sending the identifier of the first electronic device to the server, where the identifier of the first electronic device is used to instruct the server to obtain the key that matches the identifier of the first electronic device; and receiving the key, sent by the server, that matches the identifier of the first electronic device.
The second electronic device clearing the key may mean that the second electronic device deletes the key, or that the electronic device clears its cache and thereby clears the key; it is not limited to these cases.
Further, when the identifier of the first electronic device is sent to the server, the identifier may also be used to instruct the server to obtain device information that matches the identifier of the first electronic device, such as the MAC address of the first electronic device, the user name of the first electronic device, and the brand of the first electronic device.
In this embodiment, the key is sent to the server; when the second electronic device clears the key, the identifier of the connected first electronic device is obtained and sent to the server, and the key that matches the identifier of the first electronic device can be obtained from the server. Even after the second electronic device has cleared the key, it can obtain the key from the server again and use the key to communicate with the first electronic device.
In one embodiment, as shown in FIG. 8, 802 is the first electronic device, which includes a first processor and a second processor. When the first electronic device 802 connects to the second electronic device for the first time, the second electronic device performs operation 804 to generate a key, and then performs operation 806 to send the identifier of the second electronic device and the key to the first processor in the first electronic device 802 through the encrypted channel of the first Bluetooth. When the first processor receives the identifier of the second electronic device and the key sent by the second electronic device, it performs operation 808 and sends the identifier of the second electronic device and the key to the second processor. When the second processor receives the identifier of the second electronic device and the key sent by the first processor, it performs operation 810 and stores the identifier of the second electronic device and the key. The second electronic device performs operation 812 and sends the key to the server.
When the first electronic device switches to the system where the second processor is located, the second processor performs operation 814 and matches the identifier of the second electronic device against each connected candidate device; when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier is the second electronic device. The second electronic device performs operation 816 and encrypts the first plaintext with the key to obtain the first ciphertext. The second electronic device performs operation 818 and sends the first ciphertext to the second processor through the non-encrypted channel of the second Bluetooth. When the second processor receives the first ciphertext, it performs operation 820 and decrypts the first ciphertext with the key to obtain the first plaintext. The second processor performs operation 822 and encrypts the second plaintext with the key to obtain the second ciphertext. The second processor performs operation 824 and sends the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth. When the second electronic device receives the second ciphertext, it performs operation 826 and decrypts the second ciphertext with the key to obtain the second plaintext.
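The exchange over the non-encrypted channel in FIG. 8 (operations 814 to 826) can be exercised with the following Go program, which is an added example and not part of the application. The application does not name a cipher or a frame layout: AES-256-GCM, the per-sender counter used to reject replayed frames, the `Frame` and `Endpoint` types, and the identifiers `phone-A` and `watch-1` are all assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Frame is what crosses the second Bluetooth's non-encrypted channel.
type Frame struct {
	SenderID string
	Counter  uint64 // assumption: per-sender counter, used to reject replays
	Nonce    []byte
	Sealed   []byte // ciphertext followed by the GCM tag
}

// Endpoint is one side of the low-power link: the second electronic device's
// application, or the second processor once it holds the identifier and key.
type Endpoint struct {
	SelfID, PeerID string
	aead           cipher.AEAD
	sent, seen     uint64
}

// GenerateKey is operation 804. The 256-bit length is an assumption.
func GenerateKey() ([]byte, error) {
	k := make([]byte, 32)
	_, err := rand.Read(k)
	return k, err
}

// NewEndpoint stores the provisioned identifier and key (operation 810).
func NewEndpoint(selfID, peerID string, key []byte) (*Endpoint, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Endpoint{SelfID: selfID, PeerID: peerID, aead: aead}, nil
}

// MatchPeer is operation 814: only the candidate with the stored identifier matches.
func (e *Endpoint) MatchPeer(candidates []string) (string, bool) {
	for _, c := range candidates {
		if c == e.PeerID {
			return c, true
		}
	}
	return "", false
}

// header is authenticated but not encrypted: counter, then sender identifier.
func header(sender string, counter uint64) []byte {
	b := make([]byte, 8, 8+len(sender))
	binary.BigEndian.PutUint64(b, counter)
	return append(b, sender...)
}

// Seal is operations 816 and 822: encrypt a plaintext with the shared key.
func (e *Endpoint) Seal(plaintext []byte) (Frame, error) {
	nonce := make([]byte, e.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Frame{}, err
	}
	e.sent++
	sealed := e.aead.Seal(nil, nonce, plaintext, header(e.SelfID, e.sent))
	return Frame{SenderID: e.SelfID, Counter: e.sent, Nonce: nonce, Sealed: sealed}, nil
}

// Open is operations 820 and 826: decrypt only frames that pass every check.
func (e *Endpoint) Open(f Frame) ([]byte, error) {
	if f.SenderID != e.PeerID || f.Counter <= e.seen || len(f.Nonce) != e.aead.NonceSize() {
		return nil, errors.New("frame rejected: wrong sender, replay or bad nonce")
	}
	pt, err := e.aead.Open(nil, f.Nonce, f.Sealed, header(f.SenderID, f.Counter))
	if err != nil {
		return nil, errors.New("frame rejected: authentication failed")
	}
	e.seen = f.Counter
	return pt, nil
}

func main() {
	// Constructed identifiers; both sides hold the same key after operations 806-810.
	key, _ := GenerateKey()
	phone, _ := NewEndpoint("phone-A", "watch-1", key)
	watch, _ := NewEndpoint("watch-1", "phone-A", key)
	f, _ := phone.Seal([]byte("heart_rate=72"))
	pt, err := watch.Open(f)
	fmt.Printf("first delivery: %q %v\n", pt, err)
	_, err = watch.Open(f) // the same frame delivered a second time
	fmt.Println("second delivery:", err)
}
```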
After the second electronic device clears the key, the second electronic device can obtain the identifier of the connected first electronic device and perform operation 828 to send the identifier of the first electronic device to the server. When the server receives the identifier of the first electronic device, it obtains the key that matches the identifier of the first electronic device and performs operation 830 to send the key to the second electronic device.
It should be understood that although the operations in the flowcharts of FIG. 2, FIG. 6 and FIG. 7 are shown in sequence as indicated by the arrows, these operations are not necessarily performed in the order the arrows indicate. Unless explicitly stated herein, there is no strict restriction on the order in which these operations are performed, and they may be performed in other orders. Moreover, at least some of the operations in FIG. 2, FIG. 6 and FIG. 7 may include multiple sub-operations or stages. These sub-operations or stages are not necessarily completed at the same moment but may be performed at different times, and they are not necessarily performed one after another but may be performed in turn or alternately with other operations or with at least some of the sub-operations or stages of other operations.
FIG. 9 is a structural block diagram of an encrypted communication apparatus according to an embodiment. As shown in FIG. 9, an encrypted communication apparatus 900 is provided, which is applied to a first electronic device including a first processor and a second processor. The first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. The apparatus includes a key receiving module 902, a first ciphertext receiving module 904, and a decryption module 906, wherein:
The key receiving module 902 is configured to receive, through the first processor, the key sent by the second electronic device, and to send the key to the second processor; the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, and the key is generated by the second electronic device.
The first ciphertext receiving module 904 is configured to receive, through the second processor, the first ciphertext sent by the second electronic device when the first electronic device switches to the system where the second processor is located; the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and is generated by the second electronic device encrypting the first plaintext with the key.
The decryption module 906 is configured to decrypt the first ciphertext with the key through the second processor to obtain the first plaintext.
The above encrypted communication apparatus is applied to a first electronic device including a first processor and a second processor. The first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. The first processor receives the key sent by the second electronic device and sends the key to the second processor; the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, which can ensure the security of the key. When the first electronic device switches to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the non-encrypted channel of the second Bluetooth, the first ciphertext sent by the second electronic device is received through the second processor, and the second processor decrypts the first ciphertext with the key to obtain the first plaintext. This avoids the data leakage that would occur if the second electronic device and the second processor communicated in plaintext, and improves the security of communication between the second electronic device and the first electronic device. In addition, communicating through the non-encrypted channel of the second Bluetooth can reduce the power consumption of communication.
In one embodiment, the above encrypted communication apparatus 900 further includes a matching module, configured to: receive, through the first processor, the identifier of the second electronic device sent by the second electronic device, and send the identifier of the second electronic device to the second processor, where the identifier of the second electronic device is sent by the second electronic device through the encrypted channel of the first Bluetooth; when the first electronic device switches to the system where the second processor is located, match, through the second processor, the received identifier of the second electronic device against each candidate device connected to the first electronic device; and when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier is the second electronic device, and the operation of receiving, through the second processor, the first ciphertext sent by the second electronic device is performed.
In one embodiment, the above encrypted communication apparatus 900 further includes an encryption module, configured to: obtain the second plaintext through the second processor; encrypt the second plaintext with the key to generate the second ciphertext, and send the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth; the second ciphertext is used to instruct the second electronic device to decrypt the second ciphertext with the key to obtain the second plaintext.
In one embodiment, the above encrypted communication apparatus 900 further includes a current running system determination module, configured to: when a first-time connection with the second electronic device is detected, determine the currently running system; when the currently running system is the system where the first processor is located, perform the operation of receiving, through the first processor, the key sent by the second electronic device; and when the currently running system is the system where the second processor is located, switch the first electronic device to the system where the first processor is located and perform the operation of receiving, through the first processor, the key sent by the second electronic device.
FIG. 10 is a structural block diagram of an encrypted communication apparatus according to an embodiment. As shown in FIG. 10, an encrypted communication apparatus 1000 is provided, which is applied to a second electronic device that communicates with a first electronic device. The first electronic device includes a first processor and a second processor; the first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. The apparatus includes a key generation module 1002, a key sending module 1004, and a first ciphertext sending module 1006, wherein:
The key generation module 1002 is configured to generate a key.
The key sending module 1004 is configured to send the key to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the key is used to instruct the first processor to send the received key to the second processor.
The first ciphertext sending module 1006 is configured to send the first ciphertext to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth when it is detected that the first electronic device has switched to the system where the second processor is located; the first ciphertext is obtained by the second electronic device encrypting the acquired first plaintext with the key, and is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext.
The above encrypted communication apparatus is applied to a second electronic device that communicates with a first electronic device. The first electronic device includes a first processor and a second processor; the first processor communicates through the encrypted channel of the first Bluetooth, the second processor communicates through the non-encrypted channel of the second Bluetooth, and the power consumption of the second Bluetooth is lower than that of the first Bluetooth. A key is generated and sent to the first processor in the first electronic device through the encrypted channel of the first Bluetooth, which can ensure the security of the key; the key is used to instruct the first processor to send the received key to the second processor. When it is detected that the first electronic device has switched to the system where the second processor is located, that is, when the first electronic device communicates with the second electronic device through the second processor and the second processor communicates through the non-encrypted channel of the second Bluetooth, the first ciphertext is sent to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth. The first ciphertext is obtained by the second electronic device encrypting the acquired first plaintext with the key, and is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext. This avoids the data leakage that would occur if the second electronic device and the second processor communicated in plaintext, and improves the security of communication between the second electronic device and the first electronic device. In addition, communicating through the non-encrypted channel of the second Bluetooth can reduce the power consumption of communication.
In one embodiment, the above encrypted communication apparatus 1000 further includes a module for sending the identifier of the second electronic device, configured to send the identifier of the second electronic device to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; the identifier of the second electronic device is used to instruct the first processor to send the received identifier to the second processor, so that the second processor matches the received identifier of the second electronic device against each candidate device connected to the first electronic device; when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier is the second electronic device, and the first ciphertext sent by the second electronic device is received through the second processor.
In one embodiment, the above encrypted communication apparatus 1000 further includes a key acquisition module, configured to: send the key to the server; when the second electronic device clears the key, obtain the identifier of the connected first electronic device and send the identifier of the first electronic device to the server, where the identifier of the first electronic device is used to instruct the server to obtain the key that matches the identifier of the first electronic device; and receive the key, sent by the server, that matches the identifier of the first electronic device.
The division of the above encrypted communication apparatus into modules is only an example. In other embodiments, the encrypted communication apparatus may be divided into different modules as needed to implement all or part of the functions of the above encrypted communication apparatus.
For the specific limitations of the encrypted communication apparatus, refer to the limitations of the encrypted communication method above, which are not repeated here. Each module in the above encrypted communication apparatus may be implemented in whole or in part by software, hardware, or a combination of the two. The above modules may be embedded in, or independent of, a processor in a computer device in the form of hardware, or may be stored in a memory of the computer device in the form of software, so that the processor can call them and perform the operations corresponding to each module.
FIG. 11 is a schematic diagram of the internal structure of an electronic device in an embodiment. As shown in FIG. 11, the electronic device includes a processor and a memory connected through a system bus. The processor provides computing and control capabilities and supports the operation of the entire electronic device. The memory may include a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The computer program can be executed by the processor to implement the encrypted communication method provided in the following embodiments. The internal memory provides a cached running environment for the operating system and computer program in the non-volatile storage medium. The electronic device may be any terminal device, such as a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (Point of Sales) terminal, a vehicle-mounted computer, or a wearable device.
Each module in the encrypted communication apparatus provided in the embodiments of this application may be implemented in the form of a computer program. The computer program can run on a terminal or a server. The program modules formed by the computer program can be stored in the memory of the electronic device. When the computer program is executed by the processor, the operations of the method described in the embodiments of this application are implemented.
The embodiments of this application also provide a computer-readable storage medium: one or more non-volatile computer-readable storage media containing computer-executable instructions which, when executed by one or more processors, cause the processors to perform the operations of the encrypted communication method.
A computer program product containing instructions which, when run on a computer, causes the computer to execute the encrypted communication method.
Any reference to memory, storage, a database, or other media used in this application may include non-volatile and/or volatile memory. Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. Volatile memory may include random access memory (RAM), which acts as an external cache. By way of illustration and not limitation, RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM), and Rambus dynamic RAM (RDRAM).
The above embodiments express only several implementations of this application. Their description is relatively specific and detailed, but it should not be understood as limiting the patent scope of this application. It should be noted that a person of ordinary skill in the art can make several variations and improvements without departing from the concept of this application, and these all fall within the protection scope of this application. Therefore, the protection scope of this patent application shall be subject to the appended claims.
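The message flow described above (key handed over on the link-encrypted channel, identifier matching on the second processor, application-layer ciphertext on the non-encrypted channel, key recovery from the server), as an added Python sketch that is not code from the patent. Assumptions: the class names, the device identifiers, the dict standing in for the server, and the cipher itself, which is an HMAC-SHA256 encrypt-then-MAC stand-in because the text names no algorithm; the encrypted Bluetooth channel is simulated by a direct method call.

```python
import hashlib
import hmac
import secrets

# Stand-in authenticated cipher (encrypt-then-MAC over an HMAC-SHA256 keystream),
# stdlib only. The patent names no algorithm; use a vetted AEAD in a real product.
def _subkeys(key):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(enc_key, nonce, length):
    blocks = (hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def seal(key, plaintext):
    """Return nonce || ciphertext || tag. No replay counter: a recorded frame still verifies."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    body = bytes(p ^ k for p, k in zip(plaintext, stream))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()

def unseal(key, frame):
    """Verify the tag first, then decrypt; raise ValueError on any mismatch."""
    if len(frame) < 48:
        raise ValueError("frame too short")
    enc_key, mac_key = _subkeys(key)
    nonce, body, tag = frame[:16], frame[16:-32], frame[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication tag mismatch")
    return bytes(c ^ k for c, k in zip(body, _keystream(enc_key, nonce, len(body))))

class Watch:
    """First electronic device (hypothetical model): two processors, one channel each."""
    def __init__(self, watch_id):
        self.watch_id = watch_id
        self.active = "second"
        self._key = None       # held by the second processor after forwarding
        self._peer_id = None   # identifier of the second electronic device

    def first_processor_receive(self, key, phone_id):
        # On first connection the device switches to the first processor's system
        # if necessary, because only that channel is link-encrypted.
        self.active = "first"
        self._key, self._peer_id = key, phone_id  # forwarded to the second processor

    def switch_to_second(self):
        self.active = "second"

    def second_processor_receive(self, frames_by_sender):
        # Match the stored identifier against the connected candidate devices.
        if self.active != "second" or self._peer_id not in frames_by_sender:
            raise PermissionError("no matching candidate device")
        return unseal(self._key, frames_by_sender[self._peer_id])

    def second_processor_send(self, plaintext):
        return seal(self._key, plaintext)

class Phone:
    """Second electronic device (hypothetical model): generates and escrows the key."""
    def __init__(self, phone_id, server):
        self.phone_id, self.server, self.key = phone_id, server, None

    def pair(self, watch):
        self.key = secrets.token_bytes(32)
        watch.first_processor_receive(self.key, self.phone_id)  # encrypted channel
        self.server[watch.watch_id] = self.key                  # copy kept on the server

    def recover_key(self, watch_id):
        self.key = self.server[watch_id]  # looked up by the first device's identifier

def demo():
    server = {}  # constructed stand-in for the server
    phone, watch = Phone("phone-A", server), Watch("watch-1")
    phone.pair(watch)
    watch.switch_to_second()
    frame = seal(phone.key, b"heart-rate sync request")  # sent on the open channel
    received = watch.second_processor_receive({"phone-B": b"\x00" * 64, "phone-A": frame})
    reply = unseal(phone.key, watch.second_processor_send(b"ack"))
    tampered = frame[:20] + bytes([frame[20] ^ 1]) + frame[21:]
    try:
        watch.second_processor_receive({"phone-A": tampered})
        tamper_rejected = False
    except ValueError:
        tamper_rejected = True
    try:
        watch.second_processor_receive({"phone-B": frame})
        stranger_rejected = False
    except PermissionError:
        stranger_rejected = True
    phone.key = None                      # the phone clears its key
    phone.recover_key(watch.watch_id)
    after = watch.second_processor_receive({"phone-A": seal(phone.key, b"after recovery")})
    return {"frame": frame, "received": received, "reply": reply,
            "tamper_rejected": tamper_rejected, "stranger_rejected": stranger_rejected,
            "after_recovery": after}
```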

Claims (19)

  1. An encrypted communication method, applied to a first electronic device comprising a first processor and a second processor, wherein the first processor communicates through an encrypted channel of a first Bluetooth and the second processor communicates through a non-encrypted channel of a second Bluetooth; the method comprising:
    receiving, through the first processor, a key sent by a second electronic device, and sending the key to the second processor; wherein the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, and the key is generated by the second electronic device;
    when the first electronic device switches to the system in which the second processor is located, receiving, through the second processor, a first ciphertext sent by the second electronic device; wherein the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device by encrypting a first plaintext with the key; and
    decrypting, through the second processor, the first ciphertext with the key to obtain the first plaintext.
  2. The method according to claim 1, wherein the method further comprises:
    receiving, through the first processor, an identifier of the second electronic device sent by the second electronic device, and sending the identifier of the second electronic device to the second processor; wherein the identifier of the second electronic device is sent by the second electronic device through the encrypted channel of the first Bluetooth;
    when the first electronic device switches to the system in which the second processor is located, matching, through the second processor, the received identifier of the second electronic device against each candidate device connected to the first electronic device; and
    when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier of the second electronic device is the second electronic device, and performing the operation of receiving, through the second processor, the first ciphertext sent by the second electronic device.
  3. The method according to claim 1, wherein the method further comprises:
    obtaining a second plaintext through the second processor; and
    encrypting the second plaintext with the key to generate a second ciphertext, and sending the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth; wherein the second ciphertext is used to instruct the second electronic device to decrypt the second ciphertext with the key to obtain the second plaintext.
  4. The method according to claim 1, wherein the method further comprises:
    when a first connection with the second electronic device is detected, determining the currently running system;
    when the currently running system is the system in which the first processor is located, performing the operation of receiving, through the first processor, the key sent by the second electronic device; and
    when the currently running system is the system in which the second processor is located, switching the first electronic device to the system in which the first processor is located, and performing the operation of receiving, through the first processor, the key sent by the second electronic device.
  5. The method according to claim 1, wherein the method further comprises:
    when the first electronic device is in the system in which the first processor is located, communicating using the first processor; and
    when the first electronic device is in the system in which the second processor is located, communicating using the second processor.
  6. An encrypted communication method, applied to a second electronic device that communicates with a first electronic device, wherein the first electronic device comprises a first processor and a second processor, the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through a non-encrypted channel of a second Bluetooth; the method comprising:
    generating a key;
    sending the key to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; wherein the key is used to instruct the first processor to send the received key to the second processor; and
    when it is detected that the first electronic device has switched to the system in which the second processor is located, sending a first ciphertext to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth; wherein the first ciphertext is obtained by the second electronic device by encrypting an obtained first plaintext with the key, and the first ciphertext is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext.
  7. The method according to claim 6, wherein the method further comprises:
    sending an identifier of the second electronic device to the first processor in the first electronic device through the encrypted channel of the first Bluetooth;
    wherein the identifier of the second electronic device is used to instruct the first processor to send the received identifier of the second electronic device to the second processor; the second processor matches the received identifier of the second electronic device against each candidate device connected to the first electronic device; when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier of the second electronic device is the second electronic device, and the second processor receives the first ciphertext sent by the second electronic device.
  8. The method according to claim 6, wherein the method further comprises:
    sending the key to a server;
    when the second electronic device clears the key, acquiring an identifier of the connected first electronic device, and sending the identifier of the first electronic device to the server; wherein the identifier of the first electronic device is used to instruct the server to obtain the key that matches the identifier of the first electronic device; and
    receiving the key, sent by the server, that matches the identifier of the first electronic device.
  9. The method according to claim 6, wherein generating the key comprises:
    generating the key through a target application connected to the first electronic device.
  10. An encrypted communication apparatus, applied to a first electronic device comprising a first processor and a second processor, wherein the first processor communicates through an encrypted channel of a first Bluetooth and the second processor communicates through a non-encrypted channel of a second Bluetooth; the apparatus comprising:
    a key receiving module, configured to receive, through the first processor, a key sent by a second electronic device, and send the key to the second processor; wherein the key is sent by the second electronic device to the first processor through the encrypted channel of the first Bluetooth, and the key is generated by the second electronic device;
    a first ciphertext receiving module, configured to receive, through the second processor, a first ciphertext sent by the second electronic device when the first electronic device switches to the system in which the second processor is located; wherein the first ciphertext is sent by the second electronic device to the second processor through the non-encrypted channel of the second Bluetooth, and the first ciphertext is generated by the second electronic device by encrypting a first plaintext with the key; and
    a decryption module, configured to decrypt, through the second processor, the first ciphertext with the key to obtain the first plaintext.
  11. The apparatus according to claim 10, wherein the apparatus further comprises a matching module, configured to receive, through the first processor, an identifier of the second electronic device sent by the second electronic device, and send the identifier of the second electronic device to the second processor; wherein the identifier of the second electronic device is sent by the second electronic device through the encrypted channel of the first Bluetooth;
    when the first electronic device switches to the system in which the second processor is located, match, through the second processor, the received identifier of the second electronic device against each candidate device connected to the first electronic device; and
    when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier of the second electronic device is the second electronic device, and perform the operation of receiving, through the second processor, the first ciphertext sent by the second electronic device.
  12. The apparatus according to claim 10, wherein the apparatus further comprises an encryption module, configured to obtain a second plaintext through the second processor; and
    encrypt the second plaintext with the key to generate a second ciphertext, and send the second ciphertext to the second electronic device through the non-encrypted channel of the second Bluetooth; wherein the second ciphertext is used to instruct the second electronic device to decrypt the second ciphertext with the key to obtain the second plaintext.
  13. The apparatus according to claim 10, wherein the apparatus further comprises a current running system determining module, configured to determine the currently running system when a first connection with the second electronic device is detected;
    when the currently running system is the system in which the first processor is located, perform the operation of receiving, through the first processor, the key sent by the second electronic device; and
    when the currently running system is the system in which the second processor is located, switch the first electronic device to the system in which the first processor is located, and perform the operation of receiving, through the first processor, the key sent by the second electronic device.
  14. An encrypted communication apparatus, applied to a second electronic device that communicates with a first electronic device, wherein the first electronic device comprises a first processor and a second processor, the first processor communicates through an encrypted channel of a first Bluetooth, and the second processor communicates through a non-encrypted channel of a second Bluetooth; the apparatus comprising:
    a key generation module, configured to generate a key;
    a key sending module, configured to send the key to the first processor in the first electronic device through the encrypted channel of the first Bluetooth; wherein the key is used to instruct the first processor to send the received key to the second processor; and
    a first ciphertext sending module, configured to send a first ciphertext to the second processor in the first electronic device through the non-encrypted channel of the second Bluetooth when it is detected that the first electronic device has switched to the system in which the second processor is located; wherein the first ciphertext is obtained by the second electronic device by encrypting an obtained first plaintext with the key, and the first ciphertext is used to instruct the second processor to decrypt the first ciphertext with the key to obtain the first plaintext.
  15. The apparatus according to claim 14, wherein the apparatus further comprises:
    an identifier sending module of the second electronic device, configured to send an identifier of the second electronic device to the first processor in the first electronic device through the encrypted channel of the first Bluetooth;
    wherein the identifier of the second electronic device is used to instruct the first processor to send the received identifier of the second electronic device to the second processor; the second processor matches the received identifier of the second electronic device against each candidate device connected to the first electronic device; when the identifier of the second electronic device matches a candidate device, the candidate device that matches the identifier of the second electronic device is the second electronic device, and the second processor receives the first ciphertext sent by the second electronic device.
  16. The apparatus according to claim 14, wherein the apparatus further comprises:
    a key acquisition module, configured to: send the key to a server; when the second electronic device clears the key, acquire an identifier of the connected first electronic device and send the identifier of the first electronic device to the server, wherein the identifier of the first electronic device is used to instruct the server to obtain the key that matches the identifier of the first electronic device; and receive the key, sent by the server, that matches the identifier of the first electronic device.
  17. The apparatus according to claim 14, wherein the key generation module is further configured to generate the key through a target application connected to the first electronic device.
  18. An electronic device, comprising a memory and a processor, wherein the memory stores a computer program which, when executed by the processor, causes the processor to perform the operations of the encrypted communication method according to any one of claims 1 to 9.
  19. A computer-readable storage medium on which a computer program is stored, wherein the computer program, when executed by a processor, implements the operations of the method according to any one of claims 1 to 9.
PCT/CN2021/073732 2020-03-09 2021-01-26 Encrypted communication method and apparatus, and electronic device and computer-readable storage medium WO2021179815A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP21768350.7A EP4117327A4 (en) 2020-03-09 2021-01-26 Encrypted communication method and apparatus, and electronic device and computer-readable storage medium
US17/886,246 US20220382886A1 (en) 2020-03-09 2022-08-11 Encrypted communication method and electronic device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010155715.X 2020-03-09
CN202010155715.XA CN113453221B (en) 2020-03-09 2020-03-09 Encrypted communication method, device, electronic equipment and computer readable storage medium

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/886,246 Continuation US20220382886A1 (en) 2020-03-09 2022-08-11 Encrypted communication method and electronic device

Publications (1)

Publication Number Publication Date
WO2021179815A1 true WO2021179815A1 (en) 2021-09-16

Family

ID=77671185

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/073732 WO2021179815A1 (en) 2020-03-09 2021-01-26 Encrypted communication method and apparatus, and electronic device and computer-readable storage medium

Country Status (4)

Country Link
US (1) US20220382886A1 (en)
EP (1) EP4117327A4 (en)
CN (1) CN113453221B (en)
WO (1) WO2021179815A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103986503A (en) * 2014-05-16 2014-08-13 北京民芯科技有限公司 Safety Bluetooth headset and voice communication method thereof
CN105933039A (en) * 2016-06-24 2016-09-07 飞天诚信科技股份有限公司 Bluetooth device and working method of the Bluetooth device
CN106303913A (en) * 2015-06-01 2017-01-04 深圳市南方硅谷微电子有限公司 Bluetooth transceiver therein and information transceiving method thereof
US20190172285A1 (en) * 2017-08-14 2019-06-06 Q & K International Group Limited Application Method of Bluetooth Low-energy Electronic Lock Based on Built-in Offline Pairing Passwords, Interactive Unlocking Method of a Bluetooth Electronic Lock and Electronic Lock System

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6708272B1 (en) * 1999-05-20 2004-03-16 Storage Technology Corporation Information encryption system and method
US8005223B2 (en) * 2006-05-12 2011-08-23 Research In Motion Limited System and method for exchanging encryption keys between a mobile device and a peripheral device
FR2913550A1 (en) * 2007-03-07 2008-09-12 Inside Contactless Sa METHOD FOR SECURELY LOADING ACCESS DATA TO A SERVICE IN AN NFC CHIPSET
US20130259230A1 (en) * 2012-03-29 2013-10-03 Broadcom Corporation Bluetooth Low Energy Privacy
US9762558B2 (en) * 2013-03-12 2017-09-12 Trividia Health, Inc. Wireless pairing of personal health device with a computing device
JP6620595B2 (en) * 2016-02-25 2019-12-18 富士通株式会社 Information processing system, information processing apparatus, management apparatus, processing program, and processing method
US10271149B2 (en) * 2016-11-03 2019-04-23 Starkey Laboratories, Inc. Configurable hearing device for use with an assistive listening system
US10432614B2 (en) * 2017-05-16 2019-10-01 Apple Inc. Techniques for verifying user intent and securely configuring computing devices
US20190015669A1 (en) * 2017-07-11 2019-01-17 Biotronik Se & Co. Kg System comprising a medical device and an external device
US10313393B1 (en) * 2017-11-16 2019-06-04 Capital One Services, Llc Systems and methods for securely pairing a transmitting device with a receiving device
US10878113B2 (en) * 2017-12-14 2020-12-29 Apple Inc. Multiple mailbox secure circuit
US20190223014A1 (en) * 2018-01-12 2019-07-18 Qualcomm Incorporated Systems and methods for secure communication of zigbee keys

Also Published As

Publication number Publication date
EP4117327A1 (en) 2023-01-11
EP4117327A4 (en) 2023-08-16
CN113453221B (en) 2022-04-12
US20220382886A1 (en) 2022-12-01
CN113453221A (en) 2021-09-28

Similar Documents

Publication Publication Date Title
CN104144049B (en) A kind of encryption communication method, system and device
US20200145208A1 (en) Method and device for encrypting and decrypting softphone, and computer-readable storage medium
CN111130803B (en) Method, system and device for digital signature
CN110100422B (en) Data writing method and device based on block chain intelligent contract and storage medium
CN109376824B (en) Dynamic two-dimensional code generation method and system
CN107454590A (en) A kind of data ciphering method, decryption method and wireless router
US20210034763A1 (en) Splitting Sensitive Data and Storing Split Sensitive Data in Different Application Environments
JP2019514314A (en) Method, system and medium for using dynamic public key infrastructure to send and receive encrypted messages
CN114070614A (en) Identity authentication method, device, equipment, storage medium and computer program product
WO2023051337A1 (en) Data processing method and apparatus, and device and storage medium
WO2021179815A1 (en) Encrypted communication method and apparatus, and electronic device and computer-readable storage medium
CN114553556B (en) Data encryption method, device, computer equipment and storage medium
CN113645183B (en) Data encryption transmission method, system, computer equipment and storage medium
TWM569453U (en) Digital data processing system
CN110730166B (en) Data encryption and data decryption method, system, computer device and storage medium
CN113392062B (en) Data storage method and device, electronic equipment and computer readable storage medium
WO2021169747A1 (en) File secret key storage method, system and apparatus, electronic device, and storage medium
KR20180067214A (en) Terminal, system and method for distribution of share key using one time password
CN111818492A (en) Bluetooth beacon and data transmission method and readable storage medium thereof
CN114254335A (en) Encryption method and device based on GPU, encryption equipment and storage medium
CN113179161B (en) Method and device for replacing secret key, computer equipment and storage medium
CN116388970B (en) Centralized cloud computing implementation method and device based on multiparty data
TWI672653B (en) Digital data encryption method, digital data decryption method and digital data processing system
US20230388791A1 (en) Power saving method for lower power devices, electronic device and computer readable storage medium
CN106899611A (en) A kind of telesecurity communication means and system for weighing-appliance

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21768350

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2021768350

Country of ref document: EP

Effective date: 20221007